September, 2018

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.”. One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s high time to protect unstructured data. Ironically, many victimized companies are paying hefty ransoms to decrypt unstructured data that may not be all that sensitive or mission critical.

Facebook hacked – 50 Million Users’ Data exposed in the security breach

Security Affairs

Facebook hacked – Attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users. Facebook hacked, this is news that is rapidly spreading across the Internet.

Access 112

Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history.

Tools 284

Equifax Hit With Maximum UK Privacy Fine After Mega-Breach

Data Breach Today

Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K.

Mmm. Pi-hole.

Troy Hunt

I have a love-hate relationship with ad blockers. On the one hand, I despise the obnoxious ads that are forced down our throats at what seems like every turn. On the other hand, I appreciate the need for publishers to earn a living so that I can consume their hard-earned work for free.

Risk 114

Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob

WIRED Threat Level

Weak encryption in the cars' key fobs allows all-too-easy theft, but you can set a PIN code on your Tesla to protect it. Security

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

The Last Watchdog

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies. Related: How DevOps enabled the hacking of Uber. DevOps is a process designed to foster intensive collaboration between software developers and the IT operations team, two disciplines that traditionally have functioned as isolated silos with the technology department.

Cloud 161

More Trending Leaks 14M+ Records

Krebs on Security

Government Payment Service Inc. — a company used by thousands of U.S.

Tips 234

Ransomware Crypto-Locks Port of San Diego IT Systems

Data Breach Today

Port Remains Open and Accessible to Ships, Officials Say Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline.

Extended Validation Certificates are Dead

Troy Hunt

That's it - I'm calling it - extended validation certificates are dead. Sure, you can still buy them (and there are companies out there that would just love to sell them to you!),

Quantum Computing and Cryptography

Schneier on Security

Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today.

MY TAKE: Here’s how diversity can strengthen cybersecurity — at many levels

The Last Watchdog

Of the many cybersecurity executives I’ve interviewed, Keenan Skelly’s career path may be the most distinctive. Skelly started out as a U.S. Army Explosive Ordnance Disposal (EOD) Technician. “I I was on the EOD team that was actually assigned to the White House during 9/11, so I got to see our national response framework from a very high level,” she says.

Cracked Windows installations are serially infected with EternalBlue exploit code

Security Affairs

According to Avira, hundreds of thousands of unpatched Windows systems are serially infected with EternalBlue exploit code. The EternalBlue , is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack.

Study 113

Secret Service Warns of Surge in ATM ‘Wiretapping’ Attacks

Krebs on Security

The U.S.

Video 226

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era.

GDPR 247

The Effectiveness of Publicly Shaming Bad Security

Troy Hunt

Here's how it normally plays out: It all begins when a company pops up online and makes some sort of ludicrous statement related to their security posture, often as part of a discussion on a public social media platform such as Twitter.

Are You Ever Finished With Information Governance?

Weissman's World

We at Holly Group spend our days working with clients to help them improve their Current State of information and move them towards their desired Future State. But a recent conversation with one of them raised a very interesting question: Is it possible for an organization to ever be finished?

NEW TECH: Critical Start applies ‘zero-trust’ security model to managed security services

The Last Watchdog

All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That’s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewalls upkeep, vulnerability management and more. Related: Delivering useful intel to MSSPs. Companies are gravitating to MSSPs in a big way.

CVE-2018-1718 -Google Project Zero reports a new Linux Kernel flaw

Security Affairs

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn.

In a Few Days, Credit Freezes Will Be Fee-Free

Krebs on Security

Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents.

Tools 217

'Magecart' Card-Sniffing Gang Cracks Newegg

Data Breach Today

E-Commerce Site Investigates Malware Attack and Payment Card Data Theft Online retailer Newegg is investigating a malware attack that may have stolen customers' payment card details for more than a month.

Retail 243

Social Media Too Shall Pass

John Battelle's Searchblog

At dinner last night with my wife and our 14 year-old daughter, I noticed a circular table of four teenage girls eating alone. They were about the same age as my daughter, who wasn’t exactly thrilled to be stuck with her parents as company on her first weekend of the school year.

Groups 109

Need an Information Roadmap? First Know Where You Are

Weissman's World

Throughout my years of working with organizations on their information management and technology initiatives, I have often heard clients and vendors say “Where is the roadmap?” and “We need a roadmap.” My response is always the same: First you must know where you are. What is the current state?

Groups 156

NEW TECH: WhiteSource leverages automation to mitigate lurking open-source vulnerabilities

The Last Watchdog

Just like the best sourdough bread derives from a “mother” yeast that gets divided, passed around, and used over and over, open-source software applications get fashioned from a “mother” library of code created and passed around by developers. Related: Equifax hack highlights open source attack vectors. In today’s world, quick innovations are a necessity, and software developers would rather not lose valuable time reinventing the wheel.

Hide and Seek (HNS) IoT Botnet targets Android devices with ADB option enabled

Security Affairs

The latest samples of the HNS bot were designed to target Android devices having the wireless debugging feature ADB enabled. The Hide and Seek (HNS) IoT botnet was first spotted early this year, since its discovery the authors continuously evolved its code.

IoT 108

Beware of Hurricane Florence Relief Scams

Krebs on Security

Tips 201

Police in Europe Tie Card Fraud to People-Smuggling Gang

Data Breach Today

NSA Attacks Against Virtual Private Networks

Schneier on Security

A 2006 document from the Snowden archives outlines successful NSA operations against "a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems.".

How to assess your physical filing practices and identify any issues

TAB OnRecord

Is it possible that you’re not managing your organizations records, but rather they are managing you? If panicked “All-Office” emails are common or if people are regularly searching for critical files after the information was needed, the answer may be yes.

Q&A: Reddit breach shows use of ‘SMS 2FA’ won’t stop privileged access pillaging

The Last Watchdog

The recent hack of social media giant Reddit underscores the reality that all too many organizations — even high-visibility ones that ought to know better — are failing to adequately lock down their privileged accounts. Related: 6 best practices for cloud computing. An excerpt from Reddit’s mea culpa says it all: “On June 19, we learned that between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers.

Access 130

Hackers target Port of Barcelona, maritime operations had not affected

Security Affairs

The Port of Barcelona was hit by a cyber attack, fortunately, maritime operations had not affected. On September 20, 2018 morning, the Port of Barcelona was hit by a cyber attack that forced the operators of the infrastructure to launch the procedure to respond to the emergency.

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

Wielding EternalBlue, Hackers Hit Major US Business

Data Breach Today

Luckily, Firm Was Only Infected With Cryptocurrency-Mining Malware Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year ago. One major U.S.

Mining 235

Five-Eyes Intelligence Services Choose Surveillance Over Security

Schneier on Security

Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions

Troy Hunt

As time has gone by, one of the things I've enjoyed the most in running Have I Been Pwned (HIBP) is seeing how far I could make the dollars stretch. How big can it go whilst at the same time, running it on a shoestring?

Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? We know how Vladmir Putin, Xi Jinping and Kim Jung-un would answer: “Of course!”. Related: Nation-state hacks suggest cyber war is underway. The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use.

Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security Affairs

Security experts from ESET have spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild.

Groups 107